Automated OPS tool Saltstack installation configuration

Saltstack is a new basic setup management approach that is easy to deploy, works in minutes, scales well, and easily manages tens of thousands of servers, fast enough, and second-level communication between servers. By deploying the Saltstack environment, we can execute batch commands on thousands of servers, configure centralized management according to different business characteristics, distribute files, collect server data, operating system base and package management, etc., Saltstack is the operation and maintenance personnel to improve work efficiency, Standardize the business configuration and operation of the sharp weapon.

Characteristics:
(1), deployment is simple, convenient;
(2), support most unix/linux and Windows environment;
(3), master-slave centralized management;
(4), simple configuration, strong function, strong extensibility;
(5), the main control end (master) and the controlled end (Minion) based on certificate authentication, safe and reliable;
(6), support API and custom module, can be easily expanded by Python.

First, Installation:
salt-master:192.168.12.22 Soft:salt-master
salt-minion01:192.168.12.25 soft:salt-minion

12.22 operation

1, this installation Saltstack use Yum installation method, so need to use third-party yum Source (Epel and Rpmforge)
RPM-IVH http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Sed-i ' [Email protected]^#@@ '/etc/yum.repos.d/epel.repo
Sed-i ' [email protected]@#[email protected] '/ETC/YUM.REPOS.D/EPEL.REPORPM-UVH
http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

2. Install dependent packages
Yum-y Install PYTHON-JINJA2

3, the above operation on the 12.25 operation once

4, 12.22 Install Saltstack Package
Yum-y Install Salt-master

5, 12.25 installation yum-y Install Salt-minion

Second, the configuration Saltstack
1, Vim/etc/salt/master
interface:192.168.12.22 Binding Master Communication IP
Auto_accept:true automatic authentication, avoid manually running Salt-key to confirm certificate Trust
File_roots: Specify the location of the Saltstack file root directory
Base
-/srv/salt/

2. Update the managed terminal configuration (12.25)
Vim/etc/salt/minion
master:192.168.12.22
Id:lvs-web1

Third, start Saltstack service

1. Service-side Start Salt-master Service (12.22)
Chkconfig Salt-master on
/etc/init.d/salt-master start

2, the controlled End start Salt-minion Service (12.25)
Chkconfig salt-minion on
/etc/init.d/salt-minion start

Iv. viewing the list of public keys on the master side
1, 12.22 operation
Salt-key-l

Accepted Keys:
Lvs-web1
Denied Keys:
unaccepted Keys:
Rejected Keys:

2. Test the connectivity of the host, the usage of the hard disk, the network interface address
Test the connectivity of the controlled host (12.25), the usage of the hard disk, the network interface address
Salt ' * ' test.ping
LVS-WEB1:
True

Salt ' * ' disk.usage
LVS-WEB1:
----------
/:
----------
1k-blocks:
10190136
Available
7409352
Capacity:
24%
FileSystem
/dev/sda2
Used:
2256496
/boot:
----------
1k-blocks:
514760
Available
456932
Capacity:
7%
FileSystem
/dev/sda1
Used:
30848
/CACTI:
----------
1k-blocks:
20026236
Available
17443668
Capacity:
9%
FileSystem
/dev/sda5
Used:
1558620
/DEV/SHM:
----------
1k-blocks:
1962184
Available
1962172
Capacity:
1%
FileSystem
Tmpfs
Used:
12

Salt ' * ' network.interfaces
LVS-WEB1:
----------
ETH1:
----------
Hwaddr
A6:95:ca:8a:6b:42
inet
|_
----------
Address
192.168.12.25
Broadcast:
192.168.12.255
Label
Eth1
Netmask
255.255.255.0
INET6:
|_
----------
Address
Fe80::a495:caff:fe8a:6b42
Prefixlen:
64
Scope
Link
Up
True
Lo
----------
Hwaddr
00:00:00:00:00:00
inet
|_
----------
Address
127.0.0.1
Broadcast:
None
Label
Lo
Netmask
255.0.0.0
INET6:
|_
----------
Address
:: 1
Prefixlen:
128
Scope
Host
Up
True

3. Execute command Test remotely
(1) The CMD module contains the output of the shell on the controlled side, such as Cmd.run and Cmd.run_all

Salt ' * ' Cmd.run date
LVS-WEB1:
Mon DEC 7 10:39:23 CST 2015

Salt ' * ' cmd.run uptime
LVS-WEB1:
10:39:56 up Days, 20:02, 4 users, Load average:0.00, 0.00, 0.00

Alt ' * ' Cmd.run ' df-h '
LVS-WEB1:
Filesystem Size used Avail use% mounted on
/dev/sda2 9.8G 2.2G 7.1G 24%/
Tmpfs 1.9G 12K 1.9G 1%/DEV/SHM
/DEV/SDA1 503M 31M 447M 7%/boot
/dev/sda5 20G 1.5G 17G 9%/cacti

Cmd.run ' ls-l/etc '
LVS-WEB1:
Total 1552
Drwxr-xr-x. 5 root root 4096 may Consolekit
-rw-r--r--. 1 root root 4439 Jul dir_colors
。。。。。。。

(2) The PKG function automatically maps the package management of the local system to the SALT function
Salt ' * ' pkg.install vim
LVS-WEB1:
----------
Vim-common:
----------
New
7.4.629-5.el6
Old
7.2.411-1.8.el6
vim-enhanced:
----------
New
7.4.629-5.el6
Old
7.2.411-1.8.el6
Vim-filesystem:
----------
New
7.4.629-5.el6
Old

Five, Salt-key parameters

1. Salt-key Common options

-L,--list-all


#显示已经或未认证的被控端id, Accepted Keys is a certified list; unaccepted keys is an uncertified list

-A ACCEPT,--accept=accept


#接受单个id证书请求

-A,--accept-all


#接受所有id证书请求

-R REJECT,--reject=reject

#拒绝指定的公钥

-R,--reject-all


#拒绝所有正在请求的公钥

-D DELETE,--delete=delete


#删除指定的公钥

-D,--delete-all


#删除所有的公钥

2. Salt-key return information

Accepted Keys: Accepted list of public keys or controlled host

unaccepted keys: List of non-accepted public keys

Rejected keys: List of denied public keys

Automated OPS tool Saltstack installation configuration